Changeset 3491682

Timestamp:

03/26/2026 10:37:14 AM (44 hours ago)

Author:

mt8.biz

Message:

Update to version 5.1.1 from GitHub

Location:

mw-wp-form

Files:

• tags/5.1.1 (copied) (copied from mw-wp-form/trunk)
• tags/5.1.1/classes/functions.php (modified) (1 diff)
• tags/5.1.1/classes/models/class.akismet.php (modified) (1 diff)
• tags/5.1.1/classes/models/class.directory.php (modified) (1 diff)
• tags/5.1.1/classes/services/class.redirected.php (modified) (1 diff)
• tags/5.1.1/mw-wp-form.php (modified) (1 diff)
• tags/5.1.1/readme.txt (modified) (3 diffs)
• trunk/classes/functions.php (modified) (1 diff)
• trunk/classes/models/class.akismet.php (modified) (1 diff)
• trunk/classes/models/class.directory.php (modified) (1 diff)
• trunk/classes/services/class.redirected.php (modified) (1 diff)
• trunk/mw-wp-form.php (modified) (1 diff)
• trunk/readme.txt (modified) (3 diffs)

mw-wp-form/tags/5.1.1/classes/functions.php

@@ -44 +44 @@
      * Unify line feed code to \n.
      *
-     * @param sring $string String.
+     * @param string|null $string String.
      * @return string
      */
     public static function convert_eol( $string ) {
-        return preg_replace( "/\r\n|\r|\n/", "\n", $string );
+        return is_string( $string ) ? preg_replace( "/\r\n|\r|\n/", "\n", $string ) : '';
     }
 

mw-wp-form/tags/5.1.1/classes/models/class.akismet.php

@@ -108 +108 @@
         }
 
-        $query_string = http_build_query( $akismet, null, '&' );
+        $query_string = http_build_query( $akismet, '', '&' );
         if ( is_callable( array( 'Akismet', 'http_post' ) ) ) {
             $response = Akismet::http_post( $query_string, 'comment-check' );

mw-wp-form/tags/5.1.1/classes/models/class.directory.php

@@ -146 +146 @@
         }
 
-        $filepath = path_join( $user_file_dir, $filename );
+        $normalized_filename = wp_normalize_path( $filename );
+        if (
+            wp_basename( $normalized_filename ) !== $normalized_filename ||
+            strstr( $normalized_filename, "\0" )
+        ) {
+            throw new \RuntimeException( '[MW WP Form] Invalid file reference requested.' );
+        }
+
+        $filepath      = path_join( $user_file_dir, $filename );
+        $filepath      = wp_normalize_path( $filepath );
+        $user_file_dir = trailingslashit( wp_normalize_path( $user_file_dir ) );
+
+        if ( 0 !== strpos( $filepath, $user_file_dir ) ) {
+            throw new \RuntimeException( '[MW WP Form] Invalid file reference requested.' );
+        }
 
         if ( str_contains( $filepath, '../' ) || str_contains( $filepath, '..' . DIRECTORY_SEPARATOR ) ) {

mw-wp-form/tags/5.1.1/classes/services/class.redirected.php

@@ -172 +172 @@
 
         if ( ! empty( $query_string ) ) {
-            return $url . '?' . http_build_query( $query_string, null, '&', PHP_QUERY_RFC3986 );
+            return $url . '?' . http_build_query( $query_string, '', '&', PHP_QUERY_RFC3986 );
         }
 

mw-wp-form/tags/5.1.1/mw-wp-form.php

@@ -4 +4 @@
  * Plugin URI: https://mw-wp-form.web-soudan.co.jp
  * Description: MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving, and chart aggregation using saved inquiry data.
- * Version: 5.1.0
+ * Version: 5.1.1
  * Requires at least: 6.0
+ * Requires PHP: 8.0
  * Author: websoudan
  * Author URI: https://web-soudan.co.jp/

mw-wp-form/tags/5.1.1/readme.txt

@@ -4 +4 @@
 Tags: plugin, form, confirm, preview, shortcode, mail, chart, graph, html, contact form, form creation, form creator, form manager, form builder, custom form
 Requires at least: 6.0
+Requires PHP: 8.0
 Tested up to: 6.4
-Stable tag: 5.1.0
+Stable tag: 5.1.1
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -81 +82 @@
 == Changelog ==
 
+= 5.1.1 =
+* Security Fix insufficient file path validation in upload file handling
+
 = 5.1.0 =
 * Security Use wp_kses_post to form content/complete message
@@ -95 +99 @@
 
 = 5.0.3 =
-* Remove plugin asset files. 
+* Remove plugin asset files.
 
 = 5.0.2 =

mw-wp-form/trunk/classes/functions.php

@@ -44 +44 @@
      * Unify line feed code to \n.
      *
-     * @param sring $string String.
+     * @param string|null $string String.
      * @return string
      */
     public static function convert_eol( $string ) {
-        return preg_replace( "/\r\n|\r|\n/", "\n", $string );
+        return is_string( $string ) ? preg_replace( "/\r\n|\r|\n/", "\n", $string ) : '';
     }
 

mw-wp-form/trunk/classes/models/class.akismet.php

@@ -108 +108 @@
         }
 
-        $query_string = http_build_query( $akismet, null, '&' );
+        $query_string = http_build_query( $akismet, '', '&' );
         if ( is_callable( array( 'Akismet', 'http_post' ) ) ) {
             $response = Akismet::http_post( $query_string, 'comment-check' );

mw-wp-form/trunk/classes/models/class.directory.php

@@ -146 +146 @@
         }
 
-        $filepath = path_join( $user_file_dir, $filename );
+        $normalized_filename = wp_normalize_path( $filename );
+        if (
+            wp_basename( $normalized_filename ) !== $normalized_filename ||
+            strstr( $normalized_filename, "\0" )
+        ) {
+            throw new \RuntimeException( '[MW WP Form] Invalid file reference requested.' );
+        }
+
+        $filepath      = path_join( $user_file_dir, $filename );
+        $filepath      = wp_normalize_path( $filepath );
+        $user_file_dir = trailingslashit( wp_normalize_path( $user_file_dir ) );
+
+        if ( 0 !== strpos( $filepath, $user_file_dir ) ) {
+            throw new \RuntimeException( '[MW WP Form] Invalid file reference requested.' );
+        }
 
         if ( str_contains( $filepath, '../' ) || str_contains( $filepath, '..' . DIRECTORY_SEPARATOR ) ) {

mw-wp-form/trunk/classes/services/class.redirected.php

@@ -172 +172 @@
 
         if ( ! empty( $query_string ) ) {
-            return $url . '?' . http_build_query( $query_string, null, '&', PHP_QUERY_RFC3986 );
+            return $url . '?' . http_build_query( $query_string, '', '&', PHP_QUERY_RFC3986 );
         }
 

mw-wp-form/trunk/mw-wp-form.php

@@ -4 +4 @@
  * Plugin URI: https://mw-wp-form.web-soudan.co.jp
  * Description: MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving, and chart aggregation using saved inquiry data.
- * Version: 5.1.0
+ * Version: 5.1.1
  * Requires at least: 6.0
+ * Requires PHP: 8.0
  * Author: websoudan
  * Author URI: https://web-soudan.co.jp/

mw-wp-form/trunk/readme.txt

@@ -4 +4 @@
 Tags: plugin, form, confirm, preview, shortcode, mail, chart, graph, html, contact form, form creation, form creator, form manager, form builder, custom form
 Requires at least: 6.0
+Requires PHP: 8.0
 Tested up to: 6.4
-Stable tag: 5.1.0
+Stable tag: 5.1.1
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -81 +82 @@
 == Changelog ==
 
+= 5.1.1 =
+* Security Fix insufficient file path validation in upload file handling
+
 = 5.1.0 =
 * Security Use wp_kses_post to form content/complete message
@@ -95 +99 @@
 
 = 5.0.3 =
-* Remove plugin asset files. 
+* Remove plugin asset files.
 
 = 5.0.2 =